ThreatExpert's Statistics for Mal/Behav-034 [Sophos]:

Mal/Behav-034 [Sophos] is also known as:

Threat Alias	Number of Incidents
Exploit.Win32.SqlShell.r [Kaspersky Lab]	4
Trojan-Downloader [Ikarus]	4
Backdoor.Rbot [Ikarus]	3
Backdoor.Win32.VB [Ikarus]	3
Backdoor.Win32.VB.czs [Kaspersky Lab]	3
Generic.dx [McAfee]	3
Trojan Horse [Symantec]	3
Trojan-Downloader.Win32.Agent.anxd [Kaspersky Lab]	3
Backdoor.Trojan [Symantec]	2
Spyware.Perfect [Symantec]	2
Trojan.BHO [Ikarus]	2
Trojan.Win32.Agent2 [Ikarus]	2
Trojan-Dropper.Agent [Ikarus]	2
Trojan-GameThief.Win32.OnLineGames [Ikarus]	2
VirTool:Win32/DelfInject.gen!X [Microsoft]	2
W32.IRCBot [Symantec]	2
Backdoor.Trojan [PC Tools]	1
Backdoor.Win32.Agent.afif [Kaspersky Lab]	1
Backdoor.Win32.Bandoora.a [Ikarus]	1
Backdoor.Win32.Bandoora.b [Kaspersky Lab]	1
Downloader [Symantec]	1
Gen.Backdoor [Ikarus]	1
Generic BackDoor [McAfee]	1
Generic BackDoor!ye [McAfee]	1
Generic StartPage [McAfee]	1
Generic StartPage!f [McAfee]	1
Generic.dx!bip [McAfee]	1
Infostealer [Symantec]	1
not-a-virus:Client-IRC.Win32.mIRC [Ikarus]	1
Spyware.Perfect [PC Tools]	1
Trojan.Daekom [Symantec]	1
Trojan.Generic [PC Tools]	1
Trojan.Win32.Agent.delm [Kaspersky Lab]	1
Trojan.Win32.Agent2.cr [Kaspersky Lab]	1
Trojan.Win32.Agent2.crv [Kaspersky Lab]	1
Trojan.Win32.Pincav.nup [Kaspersky Lab]	1
Trojan:Win32/Malagent [Microsoft]	1
Trojan-Banker.Win32.Banker.acwh [Kaspersky Lab]	1
Trojan-Downloader.Agent!sd6 [PC Tools]	1
Trojan-Downloader.Win32.Agent.akvm [Kaspersky Lab]	1
Trojan-Dropper.Delf [Ikarus]	1
Trojan-GameThief.Win32.OnLineGames.vhqx [Kaspersky Lab]	1
Trojan-GameThief.Win32.OnLineGames.vijk [Kaspersky Lab]	1
Trojan-IM.Win32.VB [Ikarus]	1
Trojan-IM.Win32.VB.q [Kaspersky Lab]	1
Virus.Win32.StartPage.609 [Ikarus]	1
W32.Almanahe.B!inf [Symantec]	1
W32.SillyFDC [Symantec]	1
Win-Trojan/Agent2.374272 [AhnLab]	1
Win-Trojan/Agent2.526245 [AhnLab]	1
Win-Trojan/Bho.136704 [AhnLab]	1
Win-Trojan/OnlineGameHack.136144.B [AhnLab]	1
Win-Trojan/OnlineGameHack.139264.AE [AhnLab]	1
Win-Trojan/StartPage.531456 [AhnLab]	1
Win-Trojan/Xema.29686 [AhnLab]	1
Win-Trojan/Xema.variant [AhnLab]	1
Worm.P2PAgent [PC Tools]	1

Mal/Behav-034 [Sophos] has the following possible countries of origin:

Origin		Number of Incidents
	China	6
	Poland	4
	France	3
	Republic of Korea	3
	United Kingdom	3
	Brazil	2
	Germany	1
	Russian Federation	1

Mal/Behav-034 [Sophos] is known to be created as:

%ProgramFiles%\dbs.exe

%ProgramFiles%\pcguard\pcguard.exe

%System%\sysbl.dll

%System%\system64.exe

%Temp%\client.exe

%UserProfile%\lsass.exe

%Windir%\st634unst2.exe

%Windir%\system\lsass.exe

%Windir%\system\services.exe

Notes:

%ProgramFiles% is a variable that refers to the Program Files folder. A typical path is C:\Program Files.
%System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
%Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
%UserProfile% is a variable that specifies the current user's profile folder. By default, this is C:\Documents and Settings\[UserName] (Windows NT/2000/XP).
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.